const basicAuth = require('basic-auth')
const jwt = require('jsonwebtoken')
class Auth {
    constructor(level) {
        this.level = level || 1
        Auth.USER = 8
        Auth.ADMIN = 16
        Auth.SUPER_ADMIN = 32
    }

    get m() {
        return async (ctx, next) => {
           const userToken = basicAuth(ctx.req);
           let errMsg = 'token不合法';
           let decode;
           if(!userToken || !userToken.name) {
              throw new global.errs.Forbbiden('禁止访问！')
           }
           try {
            decode = jwt.verify(userToken.name, global.config.security.secretKey)
           } catch (error) {
               if(error.name == 'TokenExpiredError') {
                  errMsg = 'token已过期'
               };
               throw new global.errs.Forbbiden(errMsg);
           }
           ctx.auth = {
               uid: decode.uid,
               scope: decode.scope
           }
           await next();
        }
    }

    // 验证小程序返回的token
    static async verifyToken(token) {
       try {
        jwt.verify(token.name, global.config.security.secretKey);
        return true;
       } catch (error) {
        return false;
       }
    }
}

module.exports = {
    Auth
}